The SolarWinds hackers abuse of Microsoft's identity and access architecture. Microsoft was itself compromised by the SolarWinds intruders, who got access to some of its source code - its crown jewels ! Microsoft's full suite of security products and some of the industry's most skilled cyber-defense practitioners had failed to detect the ghost in the network. In nearly every case of post-intrusion mischief, the intruders « silently moved through Microsoft products » vacuuming up emails and files from dozens of organizations. Thanks in part to the carte blanche that victim networks granted the infected Solarwinds Network Management software in the form of administrative privileges, the intruders could move laterally across them, even jump among organizations. They used it to sneak into the cybersecurity firm Malwarebytes and to target customers of Mimecast, an email security company.
